Security Protocol Verification: Symbolic and Computational Models

Security protocol verification has been a very active research area since the 1990s. This paper surveys various approaches in this area, considering the verification in the symbolic model, as well as the more recent approaches that rely on the computational model or that verify protocol implementations rather than specifications. Additionally, the authors briefly describe their symbolic security protocol verifier ProVerif and situate it among these approaches. Security protocols are programs that aim at securing communications on insecure networks, such as Internet, by relying on cryptographic primitives. Security protocols are ubiquitous: they are used, for instance, for e-commerce, bank transactions, mobile phone and Wi-Fi networks, RFID tags, and e-voting.